session-cookies

How to set a cookie for iframe on the same domain

こ雲淡風輕ζ 提交于 2019-12-08 20:34:59
问题 I'm trying to make integration of etherpad-lite in the CMS Plone, following Example 1 of the official documentation http://etherpad.org/doc/v1.2.7/ Portal places the cookie "sessionID" with the given value on the client and creates an iframe including the pad. Everythings goes well except for the cookie. Reading documentation the best pratice seems to make etherpad-lite in the same domain under a specific path. This is what I have done using /pad/ path. Plone side if no session has been

Delete Session Cookies Across Multiple Subdomains in Rails 3

∥☆過路亽.° 提交于 2019-12-08 19:26:31
问题 I'm building a rails app that works similar to Wufoo. When you sign up you get a subdomain, and you can log in on the home page. The app is working, so that when you log in, you get redirected to your subdomain. The problem is that I can't delete the session on both domains. If you log out at (username.myapp.com), it stays logged in at (myapp.com) and vice versa. Right now I'm using session[:user_id] = nil to delete the session. Is there a way to delete all the sessions across all domains. In

Is there a way to stop Symfony2 sending session cookies for certain paths?

五迷三道 提交于 2019-12-08 17:24:56
问题 I'm implementing a web service as part of a Symfony2 site that will be accessed using JSONp and iframes from another (static) site. When a user logs in using an iFrame, Safari doesn't keep the session, so I store the session ID in the cookies of the static site using javascript, and pass it back in the GET or POST parameters of requests, which is working fine. The problem is that on other browsers, the session cookie for the web service is being retained, which means that when the user logs

Django rest framework Reactjs sessions not working

前提是你 提交于 2019-12-08 15:16:28
So I have set up Django rest framework as a backend API for an e-commerce website. The website is displayed through a React frontend, which is not served by the django backend. I am currently running both the Django backend and the React frontend from their local development servers ( http://127.0.0.1:8000 and http://127.0.0.1:3000 respectively). In the future they will be on separate domains, probably. When I set a session in a view, and read the content in another, this works if I just type in the urls for creating and reading directly into my browser (just for testing purposes). But when I

Why is PHP ignoring all cookies after the first 100?

╄→尐↘猪︶ㄣ 提交于 2019-12-08 13:37:03
问题 I know I shouldn't be storing so many cookies in my users' browsers. And I'm working on reducing the number. But still I want to know the answer to this. The browser is sending 120 cookies. I can see all of them when I view the request using dev tools. But in PHP when I examine the $_COOKIE variable, there are only 100. To make matters worse, one of the cookies that isn't getting through is the PHPSESSID, and so sessions aren't working at all. Every Google result tells me that cookie limits

weblogic jsessionid cookie-secure

谁都会走 提交于 2019-12-08 13:35:48
问题 I want to set session cookie to "secure", but I want to be able to access the app with http on some test boxes and https in upper environments. I am setting JSESSIONID to cookie-secure=true this way: weblogic.xml: <session-descriptor> <cookie-http-only>true</cookie-http-only> <cookie-secure>true</cookie-secure> </session-descriptor> HTTPS requests work fine, but every request on non-ssl protocol yields a new JSESSIONID. Is there some other setting I can use to conditionally set cookie-secure

how to set HTTP only flag in XAMPP

醉酒当歌 提交于 2019-12-08 13:17:14
问题 I want to set HTTP only flag in xampp v3.2.2 i have installed opencart v 2.3.0.2 on xampp and enable it in every php.ini but still not working you can also see this for more information here 回答1: session.httponly option can be enabled by php.ini. To verify that it is working you will need to run: phpinfo(); if the option is not there or set properly, then you are editing the wrong php.ini file. 回答2: For XAMPP on Ubuntu edit the file php.ini /opt/lampp/etc/php.ini session.cookie_httponly=On

Security of Cookie-based sessions

吃可爱长大的小学妹 提交于 2019-12-08 11:19:25
问题 I need some clarity around how cookie-based sessions work. I'm building an app where I authenticate a user and upon successful authentication, I stick a GUID identifying his user into the session, which in turn gets persisted as a cookie. Now when a user logs in, whats to prevent someone from sniffing traffic, stealing the contents of the user's cookie and creating a cookie on their own end and login to my site as that person? Another scenario could be if I had physical access to a machine

Is there a way to invalidate user's cookie?

两盒软妹~` 提交于 2019-12-08 10:40:37
问题 Is there a way to invalidate user's cookie? Scenario: User comes to my website (I can get any data I want); User leaves the pages; After some time a callback from another server comes with user ID. At this point, I need to invalidate user session and cookies. With sessions, this was as simple as: session_id($user['session_id']); session_destroy(); How to achieve the same with cookies? Please see comments under this post for more details and how it is related with Facebook. The simple solution

Python Scraping Web with Session Cookie

混江龙づ霸主 提交于 2019-12-08 09:54:58
问题 Hi iam trying to scrap some data off from this URL: http://www.21cineplex.com/nowplaying/jakarta,3,JKT.htm/1 As you may have noticed, if cookies and session data is not yet set you will be redirected to its base url (http://www.21cineplex.com/) I tried to do it like this: def main(): try: cj = CookieJar() baseurl = "http://www.21cineplex.com" opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj)) opener.open(baseurl) urllib2.install_opener(opener) movieSource = urllib2.urlopen('http:/
订阅 session-cookies